diff --git a/salt/allowed_states.map.jinja b/salt/allowed_states.map.jinja index bc2a7c86b..3548a7f0d 100644 --- a/salt/allowed_states.map.jinja +++ b/salt/allowed_states.map.jinja @@ -250,14 +250,7 @@ {% if REDIS and grains.role in ['so-manager', 'so-standalone', 'so-managersearch', 'so-heavynode', 'so-receiver'] %} {% do allowed_states.append('redis') %} {% endif %} - - {% if grains.os == 'Rocky' %} - {% if not ISAIRGAP %} - {% do allowed_states.append('yum') %} - {% endif %} - {% do allowed_states.append('yum.packages') %} - {% endif %} - + {# all nodes on the right salt version can run the following states #} {% do allowed_states.append('common') %} {% do allowed_states.append('patch.os.schedule') %} diff --git a/salt/manager/files/acng/acng.conf b/salt/manager/files/acng/acng.conf deleted file mode 100644 index 1f1f53754..000000000 --- a/salt/manager/files/acng/acng.conf +++ /dev/null @@ -1,96 +0,0 @@ -# This is a configuration file for apt-cacher-ng, a smart caching proxy for -CacheDir: /var/cache/apt-cacher-ng -LogDir: /var/log/apt-cacher-ng -Port: 3142 -# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface -Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives -Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu.us # Ubuntu Archives -Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here -Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux -Remap-centosmirrorlist: mirrorlist.centos.org -Remap-centos: file:centos_mirrors ; file:backends_centos.us # Fedora Linux -Remap-fedora: file:fedora_mirrors ; file:backends_fedora.us # Fedora Linux -Remap-epel: file:epel_mirrors ; file:backends_epel.us # Fedora EPEL -Remap-slrep: file:sl_mirrors # Scientific Linux -Remap-gentoo: file:gentoo_mirrors.gz /gentoo ; file:backends_gentoo # Gentoo Archives -#Remap-alpine: file:alpine_mirrors /alpine #; dl-cdn.alpinelinux.org # Alpine Archives -Remap-alpine: dl-cdn.alpinelinux.org -Remap-yarn: registry.yarnpkg.com -Remap-npm: registry.npmjs.org -Remap-node: nodejs.org -Remap-apache: file:apache_mirrors ; file:backends_apache.us -Remap-salt: repo.saltstack.com; https://repo.saltstack.com -Remap-securityonion: http://repocache.securityonion.net ; file:securityonion -# Remap-secdeb: security.debian.org -ReportPage: acng-report.html -# SocketPath:/var/run/apt-cacher-ng/socket -UnbufferLogs: 1 -VerboseLog: 1 -ForeGround: 1 -# PidFile: /var/run/apt-cacher-ng/pid -# Offlinemode: 0 -# ForceManaged: 0 -ExTreshold: 8 -# ExAbortOnProblems: 1 -# ExSuppressAdminNotification: 1 -# StupidFs: 0 -# ForwardBtsSoap: 1 -# DnsCacheSeconds: 1800 -# MaxStandbyConThreads: 8 -MaxConThreads: 120 -# -# - static data that doesn't change silently ont he server (PFilePattern) -# - volatile data that can be changed like every hour (VFilePattern) -# - special static data that shared some file names with volatile data, -# and in doubt should be identified as static (SPfilePattern) -# - a "whitelist pattern" with hints for the regular expiration job telling -# to keep the files even if they are not referenced by others, like crypto -# signatures with which clients begin their downloads (WfilePattern) -# -VfilePatternEx: (metalink\?repo=[0-9a-zA-Z-]+&arch=[0-9a-zA-Z_-]+|/\?release=[0-9]+&arch=|repodata/.*\.(xml|sqlite)\.(gz|bz2)|APKINDEX.tar.gz|filelists\.xml\.gz|filelists\.sqlite\.bz2|repomd\.xml|packages\.[a-zA-Z][a-zA-Z]\.gz) -PfilePatternEx: (/dists/.*/by-hash/.*|\.tgz|\.tar|\.xz|\.bz2|\.rpm|\.apk)$ -# WfilePatternEx: -# SPfilePatternEx: - -Debug:1 -# ExposeOrigin: 0 -# LogSubmittedOrigin: 0 -# UserAgent: Yet Another HTTP Client/1.2.3p4 -# RecompBz2: 0 -# NetworkTimeout: 60 - -# DontCacheRequested: linux-.*_10\...\.Custo._i386 -# DontCacheRequested: 192.168.0 ^10\..* 172.30 -# DontCacheResolved: ubuntumirror.local.net -DontCache: mirrorlist.centos.org - -# DirPerms: 00755 -# FilePerms: 00664 - -LocalDirs: acng-doc /usr/share/doc/apt-cacher-ng -# PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages* -# RequestAppendix: X-Tracking-Choice: do-not-track\r\n -# ConnectProto: v6 v4 -# KeepExtraVersions: 0 -# UseWrap: 0 -FreshIndexMaxAge: 300 -# AllowUserPorts: 80 -RedirMax: 6 -# VfileUseRangeOps is set for fedora volatile files on mirrors that dont to range -VfileUseRangeOps: -1 -# PassThroughPattern: private-ppa\.launchpad\.net:443$ -# PassThroughPattern: .* # this would allow CONNECT to everything -PassThroughPattern: (repo\.securityonion\.net:443|download\.docker\.com:443|mirrors\.fedoraproject\.org:443|packages\.wazuh\.com:443|repo\.saltstack\.com:443|repo\.saltproject\.io:443|yum\.dockerproject\.org:443|download\.docker\.com:443|registry\.npmjs\.org:443|registry\.yarnpkg\.com:443)$ # yarn/npm pkg, cant to http :/ -# ResponseFreezeDetectTime: 500 -# ReuseConnections: 1 -# PipelineDepth: 255 -# CApath: /etc/ssl/certs -# CAfile: -# OptProxyTimeout: -1 -# MaxDlSpeed: 500 -# MaxInresponsiveDlSize: 64000 -# BadRedirDetectMime: text/html -{% set proxy = salt['pillar.get']('manager:proxy') -%} -{% if proxy -%} -Proxy: {{ proxy }} -{% endif -%} diff --git a/salt/mysql/init.sls b/salt/mysql/init.sls index 8c4edc651..44e6789af 100644 --- a/salt/mysql/init.sls +++ b/salt/mysql/init.sls @@ -106,20 +106,6 @@ so-mysql: - require: - file: mysqlcnf - file: mysqlpass - cmd.run: - - name: until nc -z {{ GLOBALS.manager }} 3306; do sleep 1; done - - timeout: 600 - - onchanges: - - docker_container: so-mysql - module.run: - - onchanges: - - cmd: so-mysql - -append_so-mysql_so-status.conf: - file.append: - - name: /opt/so/conf/so-status/so-status.conf - - text: so-mysql - {% endif %} {% else %} diff --git a/salt/top.sls b/salt/top.sls index c09974418..e029e3e2c 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -28,10 +28,6 @@ base: - salt.minion-state-apply-test - salt.minion - 'G@os:Rocky and G@saltversion:{{saltversion}}': - - match: compound - - yum.packages - '* and G@saltversion:{{saltversion}}': - match: compound - salt.minion diff --git a/salt/yum/packages.sls b/salt/yum/packages.sls deleted file mode 100644 index f70fa20be..000000000 --- a/salt/yum/packages.sls +++ /dev/null @@ -1,4 +0,0 @@ -install_yum_utils: - pkg.installed: - - name: yum-utils -